CVSS: 5.5EPSS: 0%CPEs: 11EXPL: 0CVE-2010-2226 – kernel: xfs swapext ioctl minor security issue
https://notcve.org/view.php?id=CVE-2010-2226
03 Sep 2010 — The xfs_swapext function in fs/xfs/xfs_dfrag.c in the Linux kernel before 2.6.35 does not properly check the file descriptors passed to the SWAPEXT ioctl, which allows local users to leverage write access and obtain read access by swapping one file into another file. La función xfs_swapext en fs/xfs/xfs_dfrag.c en el kernel de Linux kernel anterior v2.6.35 no chequea adecuadamente los descriptores de archivo en SWAPEXT ioctl, lo que permiete a usuarios locales aprovechar el acceso de escritura y obtener acc... • http://archives.free.net.ph/message/20100616.130710.301704aa.en.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 29%CPEs: 31EXPL: 4CVE-2010-1205 – libpng 1.4.2 - Denial of Service
https://notcve.org/view.php?id=CVE-2010-1205
30 Jun 2010 — Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row. Desbordamiento de buffer en el fichero pngpread.c en libpng anteriores a 1.2.44 y 1.4.x anteriroes a 1.4.3, como se utiliza en aplicaciones progresivas, podría permitir a atacantes remotos ejecutar código arbitrario mediante una imagen PNG que desencadena una serie de datos adicionales. ... • https://www.exploit-db.com/exploits/14422 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 6.5EPSS: 1%CPEs: 24EXPL: 0CVE-2010-2249 – libpng: Memory leak when processing Physical Scale (sCAL) images
https://notcve.org/view.php?id=CVE-2010-2249
30 Jun 2010 — Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service (memory consumption and application crash) via a PNG image containing malformed Physical Scale (aka sCAL) chunks. Fuga de memoria en pngrutil.c en libpng anteriores a v1.2.44 y v1.4.x anteriores a v.1.4.3, permite a atacantes remotos causar una denegación de servicio (consumo de memoria y caída de aplicación) a través de una imagen que contiene un troceado mal formado del Physical ... • http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng%3Ba=commitdiff%3Bh=90cfcecc09febb8d6c8c1d37ea7bb7cf0f4b00f3#patch20 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 9.3EPSS: 10%CPEs: 7EXPL: 0CVE-2010-2297
https://notcve.org/view.php?id=CVE-2010-2297
15 Jun 2010 — rendering/FixedTableLayout.cpp in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an HTML document that has a large colspan attribute within a table. rendering/FixedTableLayout.cpp en WebCore en WebKit en Google Chrome anterior a v5.0.375.70, permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) o posiblemente la ejecución de código de su elección a través de u... • http://code.google.com/p/chromium/issues/detail?id=42723 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 6.1EPSS: 0%CPEs: 7EXPL: 1CVE-2010-2301
https://notcve.org/view.php?id=CVE-2010-2301
15 Jun 2010 — Cross-site scripting (XSS) vulnerability in editing/markup.cpp in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to inject arbitrary web script or HTML via vectors related to the node.innerHTML property of a TEXTAREA element. NOTE: this might overlap CVE-2010-1762. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en editing/markup.cpp en WebCore en WebKit en Google Chrome anterior v5.0.375.70 permite a atacantes remotos inyectar código web o HTML de su elección... • http://code.google.com/p/chromium/issues/detail?id=43902 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 10.0EPSS: 5%CPEs: 7EXPL: 0CVE-2010-2302
https://notcve.org/view.php?id=CVE-2010-2302
15 Jun 2010 — Use-after-free vulnerability in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via vectors involving remote fonts in conjunction with shadow DOM trees, aka rdar problem 8007953. NOTE: this might overlap CVE-2010-1771. Vulnerabilidad de uso después de la liberación (Use-after-free) en WebCore de WebKit de Google Chrome anterior a v5.0.375.70 permite a atacantes remotos provocar una denegación de ... • http://code.google.com/p/chromium/issues/detail?id=44740 • CWE-416: Use After Free •
CVSS: 10.0EPSS: 13%CPEs: 73EXPL: 0CVE-2010-1770 – Apple Webkit CSS Charset Text Transformation Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-1770
08 Jun 2010 — WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, Apple Safari before 4.1 on Mac OS X 10.4, and Google Chrome before 5.0.375.70 does not properly handle a transformation of a text node that has the IBM1147 character set, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document containing a BR element, related to a "type checking issue." WebKit en Safari de Apple anterior a versión 5.0... • http://code.google.com/p/chromium/issues/detail?id=43487 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.5EPSS: 1%CPEs: 13EXPL: 0CVE-2010-1634 – python: audioop: incorrect integer overflow checks
https://notcve.org/view.php?id=CVE-2010-1634
27 May 2010 — Multiple integer overflows in audioop.c in the audioop module in Python 2.6, 2.7, 3.1, and 3.2 allow context-dependent attackers to cause a denial of service (application crash) via a large fragment, as demonstrated by a call to audioop.lin2lin with a long string in the first argument, leading to a buffer overflow. NOTE: this vulnerability exists because of an incorrect fix for CVE-2008-3143.5. Múltiples desbordamientos de entero en audioop.c en el módulo audioop en Python v2.6, v2.7, v3.1 y v3.2, permite a... • http://bugs.python.org/issue8674 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.5EPSS: 2%CPEs: 20EXPL: 0CVE-2010-1321 – krb5: null pointer dereference in GSS-API library leads to DoS (MITKRB5-SA-2010-005)
https://notcve.org/view.php?id=CVE-2010-1321
19 May 2010 — The kg_accept_krb5 function in krb5/accept_sec_context.c in the GSS-API library in MIT Kerberos 5 (aka krb5) through 1.7.1 and 1.8 before 1.8.2, as used in kadmind and other applications, does not properly check for invalid GSS-API tokens, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via an AP-REQ message in which the authenticator's checksum field is missing. Vulnerabilidad en la función "kg_accept_krb5" en "krb5/accept_sec_context.c" de l... • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02257427 • CWE-476: NULL Pointer Dereference •
CVSS: 6.5EPSS: 8%CPEs: 21EXPL: 0CVE-2010-0205 – libpng: excessive memory consumption due to highly compressed huge ancillary chunk
https://notcve.org/view.php?id=CVE-2010-0205
03 Mar 2010 — The png_decompress_chunk function in pngrutil.c in libpng 1.0.x before 1.0.53, 1.2.x before 1.2.43, and 1.4.x before 1.4.1 does not properly handle compressed ancillary-chunk data that has a disproportionately large uncompressed representation, which allows remote attackers to cause a denial of service (memory and CPU consumption, and application hang) via a crafted PNG file, as demonstrated by use of the deflate compression method on data composed of many occurrences of the same character, related to a "de... • http://libpng.sourceforge.net/ADVISORY-1.4.1.html • CWE-400: Uncontrolled Resource Consumption •